package com.java.tutorials.jdk7.extendedSSLsession;
import javax.net.ssl.*;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.AlgorithmConstraints;
import java.security.AlgorithmParameters;
import java.security.CryptoPrimitive;
import java.security.Key;
import java.security.interfaces.RSAKey;
import java.util.Date;
import java.util.Set;
/**
 * Created by xuzhike on 2016/1/24.
 * http://www.java2s.com/Code/Java/JDK-7/UsingtheExtendedSSLSessioninterface.htm
 * Using the ExtendedSSLSession interface
 */
public class SSLServerTest {
    public static void main(String[] arstring) throws Exception {
        SSLServerSocketFactory sslServerSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory
                .getDefault();
        SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketFactory
                .createServerSocket(9999);
        System.out.println("Waiting for a client ...");
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

        SSLParameters parameters = sslSocket.getSSLParameters();
        parameters.setAlgorithmConstraints(new SimpleConstraints());

        AlgorithmConstraints constraints = parameters.getAlgorithmConstraints();
        System.out.println("Constraint: " + constraints);

        String endPoint = parameters.getEndpointIdentificationAlgorithm();
        System.out.println("End Point: " + endPoint);

        System.out.println("Local Supported Signature Algorithms");
        if (sslSocket.getSession() instanceof ExtendedSSLSession) {
            ExtendedSSLSession extendedSSLSession = (ExtendedSSLSession) sslSocket
                    .getSession();
            String alogrithms[] = extendedSSLSession
                    .getLocalSupportedSignatureAlgorithms();
            for (String algorithm : alogrithms) {
                System.out.println("Algortihm: " + algorithm);
            }
        }

        System.out.println("Peer Supported Signature Algorithms");
        if (sslSocket.getSession() instanceof ExtendedSSLSession) {
            String alogrithms[] = ((ExtendedSSLSession) sslSocket.getSession())
                    .getPeerSupportedSignatureAlgorithms();
            for (String algorithm : alogrithms) {
                System.out.println("Algortihm: " + algorithm);
            }
        }

        InputStream inputstream = sslSocket.getInputStream();
        InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
        BufferedReader bufferedreader = new BufferedReader(inputstreamreader);

        SSLSession session = sslSocket.getHandshakeSession();
        if (session != null) {
            System.out.println("Last accessed: "
                    + new Date(session.getLastAccessedTime()));
        }

        String string = null;
        while ((string = bufferedreader.readLine()) != null) {
            System.out.println(string);
            System.out.flush();
        }

    }

}

class SimpleConstraints implements AlgorithmConstraints {
    public boolean permits(Set<CryptoPrimitive> primitives, String algorithm,
                           AlgorithmParameters parameters) {
        return permits(primitives, algorithm, null, parameters);
    }

    public boolean permits(Set<CryptoPrimitive> primitives, Key key) {
        return permits(primitives, null, key, null);
    }

    public boolean permits(Set<CryptoPrimitive> primitives, String algorithm,
                           Key key, AlgorithmParameters parameters) {
        if (algorithm == null)
            algorithm = key.getAlgorithm();

        if (algorithm.indexOf("RSA") == -1)
            return false;

        if (key != null) {
            RSAKey rsaKey = (RSAKey) key;
            int size = rsaKey.getModulus().bitLength();
            if (size < 2048)
                return false;
        }

        return true;
    }
}